Encrypt login ID, password stored in cookie in Java and Decrypt the information in C#

Posted on 2009-04-29
Last Modified: 2012-05-06

I am working on a custom single sign on project. The main web site runs on BEA Weblogic. When an user logs into the site, the site is supposed to store login ID and password in a cookie. When the same user connects to another secure sub-site based on, the sub-site will do an automatic login for the user based on the stored cookie information. To increase security, I would like to encrypt the stored ID and password.

Can you recommend a good encryption/decryption routine that works across the two different platforms? I understand storing ID and password in a cookie is not really a secure solution, but I am trying make the login process as fast as I can.

Question by:lalala66
    LVL 10

    Expert Comment

    I don't think you want a encrypt/decrypt type thing. It might be better to encrypt both together with md5() function and store the resulting hash in the cookie and database. MD5() takes some input, then encrypts it into a 32 char long hex number.
    When user goes to other site, site pulls cookie, checks if the hash exists, if it does, log in automatically.
    Ideally, you don't ever want to decrypt a password (or have passwords stored in a decryptable format). You encrypt a password provided and just compare hashes. If match - login successful.
    MD5 doesn't produce dupes - so you always get back a unique hash for unique entries.
    The MD5 alorithm is available in PHP and ASP - so I think it might work out fine.

    Accepted Solution

    Normally, this would be the idea design. Unfortunately, the sub-site is based on a CRM application that I have no control over. My code needs to log into the system on behalf of the user.

    Featured Post

    What Security Threats Are You Missing?

    Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

    Join & Write a Comment

    Prime numbers are natural numbers greater than 1 that have only two divisors (the number itself and 1). By “divisible” we mean dividend % divisor = 0 (% indicates MODULAR. It gives the reminder of a division operation). We’ll follow multiple approac…
    Envision that you are chipping away at another e-business site with a team of pundit developers and designers. Everything seems, by all accounts, to be going easily.
    This tutorial demonstrates how to identify and create boundary or building outlines in Google Maps. In this example, I outline the boundaries of an enclosed skatepark within a community park.  Login to your Google Account, then  Google for "Google M…
    The viewer will learn how to count occurrences of each item in an array.

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    21 Experts available now in Live!

    Get 1:1 Help Now